Service Mesh
A service mesh is a configurable infrastructure layer for microservices application that makes communication flexible, reliable, and fast.
Istio Training 2 π¬ Installing Istio
Paid
Members
Public
Installing Istio In the previous lab we saw how Envoy works. We also saw that Envoy needs a control plane to configure it in a dynamic environment like a cloud platform built on containers or Kubernetes. Istio provides that control plane to drive the behavior of the network. Istio provides
Istio Training 3 π¬ Istio observability systems
Paid
Members
Public
Connecting To Observability Systems One of the most powerful parts of Istio is its ability to use the mesh to quickly troubleshoot and diagnose issues that inevitably come up in microservices networking. Where are requests slowing down? Where are they failing? Where are things becoming overloaded? Having something like Envoy
Istio Training 4 π¬ Creating An Ingress Gateway For Istio
Paid
Members
Public
Creating An Ingress Gateway For Istio Getting started with Envoy based technologies is best by starting small and iteratively growing. In this lab we will take a look at adopting Envoy at the edge with the Istio ingress gateway. The intention of the ingress gateway is to allow traffic into
Istio Training 5 π¬ Add Services to Istio
Paid
Members
Public
Add Services to Istio In this lab we will be gradually adding services to the Istio service mesh we installed in earlier labs. We will cover how to examine envoy configuration for your services, how to delay your application from starting until the sidecar proxy is ready, how to enable
Istio Training 6 π¬ Rollout mTLS to your services
Paid
Members
Public
Rollout mTLS to your services Istio can automatically encrypt traffic between services in the mesh with mutual TLS. For this to happen, both sides of the connection must be in the mesh and configured for mTLS. By default, with no configuration specified, Istio will adopt a "permissive" policy which means
Istio Training 7 π¬ Controlling Configuration Scope
Paid
Members
Public
Controlling Configuration Scope By default Istio networking resources and services are visible to all services running in all namespaces that are part of the Istio service mesh. As you add more services to the mesh, the amount of sidecar proxy's configuration increases dramatically which will grow your sidecar proxy's memory
Istio Training 8 π¬ Debugging Istio Config
Paid
Members
Public
Debugging Istio Config The service mesh contains proxies that are on the request path between services. When anomalies are detected, it's typically because of a misconfiguration. In this lab, we explore tools to troubleshoot misconfiguration and get a better understanding of how to debug Istio. istioctl analyze The istioctl CLI
Istio Training 9 π¬Zero downtime upgrades
Paid
Members
Public
Zero downtime upgrades In this challenge, we will learn the proper method of upgrading Istio without your applications experiencing any downtime. This involves deploying a canary instance of the new Istio version, testing with a small workload first, and then gradually moving over all workloads while monitoring. This approach is
